Privacy Policy

Introduction

MinterEllison is a leading Australian-based international law firm. This Policy outlines the way in which we manage personal information. We, us, our, Minter Ellison Organisations and Minter Ellison Legal Group are defined at the end of this Policy.

What kinds of personal information do we collect?

The type of information we may collect and hold includes personal information about:

clients, business associates and potential clients and their employees;

information about individuals we collect in the course of acting for clients;

suppliers and their employees;

employees, prospective employees and contractors; and

other people who come into contact with a member of the Minter Ellison Legal Group.

In general, the personal information we collect and hold includes name, contact details, occupation, personal preferences, payment details, employment history, education and qualifications, testimonials and feedback, and other information which assists us in conducting our business, providing and marketing our services and meeting our legal obligations. In some cases we may also collect 'sensitive information', such as information about an individual's membership of a professional association, criminal record or health information.

How do we collect and hold personal information?

We will generally collect personal information:

from you directly when you provide your details to us;

from you indirectly through emails, forms, face-to-face meetings, interviews, registration and attendance at seminars, business cards and telephone conversations and through use of the services and facilities available through our websites and social media channels (including our blogs and LinkedIn channel); and

from third parties in some instances, for example, we may use third parties to analyse traffic at our website, our blogs and social media channels, which may involve the use of cookies. In some circumstances we may collect personal information about an individual from a third party, for example, a report provided by a medical professional or an employment reference from another person.

We will take reasonable steps to protect the security of personal information. Our personnel are required to respect the confidentiality of personal information and the privacy of individuals. We take reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records. Where we no longer require your personal information we will take reasonable steps to destroy it.

Why do we collect, hold, use and disclose personal information?

In general, we may collect, hold, use and disclose your personal information for the following purposes:

Who do we disclose your personal information to?

to entities who assist us in providing our services (including hosting and data storage providers and debt collectors);

to social media sites on which we have a presence; and

where we are required to do so by law.

Are we likely to disclose your personal information overseas?

We may disclose your personal information to the following overseas recipients:

to other members of the Minter Ellison Legal Group (including those members located in New Zealand, the UK, China and Mongolia);

to other companies or individuals who assist us in providing services or who perform functions on our behalf (such as third party service providers, specialist

consultants and barristers), including those located in the USA;

to courts, tribunals and regulatory authorities;

to anyone else to whom you authorise us to disclose it; and

to anyone else where we are required to do so by law.

How can you access and correct your personal information?

Subject to the exceptions set out in the Privacy Act, you may seek access to and correction of the personal information which we hold about you by contacting our Privacy Officer (the Director of People & Development) on 1800 828 342. We will require you to verify your identity and to specify what information you require. If a fee is charged for providing access, you will be advised of the likely cost in advance.

How can you make a privacy related complaint?

If you have any questions about privacy-related issues or wish to complain about a breach of the Australian Privacy Principles or the handling of your personal information by us, please contact our Privacy Officer (the Director of People & Development) on 1800 828 342. We may ask you to lodge your complaint in writing. Any complaint will be investigated by the Privacy Officer and you will be notified of the making of a decision in relation to your complaint as soon as is practicable after it has been made, usually within 30 days.

If we are unable to satisfactorily resolve your concerns about our handling of your personal information, you can contact the Office of the Australian Information Commissioner:

GPO Box 5218
Sydney NSW 2001
Tel: 1300 363 992
www.oaic.gov.au

Updates to this Policy

This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. The most current version of this Policy is located at www.minterellison.com and can also be obtained by contacting the Minter Ellison Privacy Officer (the Director of People & Development).

Definitions

In this Policy:

we, us and our means the Minter Ellison Organisations;

Minter Ellison Legal Group means each Minter Ellison Organisation; the partnerships known as MinterEllison in Adelaide and Darwin and MinterEllison Gold Coast; and Minter Ellison Rudd Watts in Auckland and Wellington; and

Minter Ellison Organisations means MinterEllison's offices in Brisbane, Sydney, Canberra, Melbourne, Perth, Beijing and Shanghai; MinterEllison's limited liability company in Ulaanbaatar; the partnerships licensed to use the MinterEllison name which include the offices in London and Hong Kong; and the Minter Ellison Revenue Group (a partnership which provides taxation advice and related services together with management services).